package org.msz.keycloak;

import org.keycloak.KeycloakSecurityContext;

import javax.servlet.http.HttpServletRequest;

public class KeycloakContext {
    private final HttpServletRequest request;
    private final KeycloakSecurityContext ksc;

    public static KeycloakContext valueOf(HttpServletRequest request) {
        return new KeycloakContext(request);
    }

    private KeycloakContext(HttpServletRequest req) {
        request = req;
        ksc = (KeycloakSecurityContext) request.getAttribute("org.keycloak.KeycloakSecurityContext");
    }

    public String getUserName() {
        return ksc != null ? ksc.getToken().getPreferredUsername() : request.getRemoteAddr();
    }

    public String getToken() {
        return ksc != null ? ksc.getTokenString() : null;
    }

    public int getExpiration() {
        return ksc != null ? ksc.getToken().getExpiration() : 0;
    }

    public boolean isSecured() {
        return ksc != null;
    }

    public boolean isUserInRole(String role) {
        return ksc != null && ksc.getToken().getRealmAccess().isUserInRole(role);
    }
}
